ixjf

No, you can't. I believe that function was already moved away from "Useful Functions" on the wiki. It's not useful and it has a number of errors: 1. fileGetSize(script) - what is script? 2. loadstring(content) - That's not how the function works. The function takes a string with the decompiled data (loading bytecode is no longer possible in MTA) and then returns a new chunk, this is what you'll call to actually load the script. 3. This is not an error but it should be very useful: if there is a syntax error, loadstring will return nil as the first return value and the error message as the second return value. You probably should output this message just in case. When calling the chunk returned by loadstring you might also want to use pcall instead to output the error message with important information like where does it come from.

The data could suffer the same destiny as the key. It is a bit like a wooden box and key both of which are on fire and the client reads them before they turn to ash. Using a different key each time would make it much harder to reserve engineer rather then using the same RSA key for every script. I'll draw a bit of a map. Server >> Key Gen >> Code Mutilator[Optional] >> Server Encoder[AES] >> Output Data w/ key >> Client >> Memory >> AES Decoder >> Decoded data to memory >> Key destroyed This makes it so there is no one key that can unlock every script in MTA and would just make reverse engineering too hard. Like Talidan said, this only makes it slightly harder to reverse engineer, it isn't much better than what MTA already does. As long as the decrypted code is in memory, no amount of encryption you put behind will ever keep it safe, it's there, decrypted.

Yet another one of these. Just one topic below this one is another about the same. The answer is most likely no - it's not going to happen. The MTA developers don't have time to commit themselves to implement new features (for instance, http://bugs.mtasa.com/view.php?id=7728), let alone rewrite MTA completely for Android.

local color = tocolor ( 0, 0, 0, 255 ) local r = bitExtract ( color, 0, 8 ) local g = bitExtract ( color, 8, 8 ) local b = bitExtract ( color, 16, 8 ) local a = bitExtract ( color, 24, 8 ) No, it does not. tonumber does, which is why you see it as a decimal number.

MTA 1.4 has already been released. Are you sure whatever your issue is hasn't been fixed already?

Read the OOP Introduction.

That's the whole point. It's common for big companies to pay people to find security flaws in their software so that they can fix them.

Go SciTE or go home. Now seriously, I don't know if syntax highlighting colors are per-theme or global but I feel like the highlight colors are a bit too dark for the theme. Anyway, good job, although I'm not going to use this because I personally don't feel the need for that.

How would anyone benefit from CLEO in MTA?

obj.constructor ( ... ) isn't the same as obj:constructor ( ... ). That is syntatic sugar for obj.constructor ( obj, ... ), where the first argument passed is self, but MTA will call obj.constructor ( ... ). If you want it to pass the object, you need to pass it manually, i.e. addEventHandler ( "onPlayerResourceStart", root, function ( ... ) obj.constructor ( obj, ... ) end ) Or: addEventHandler ( "onPlayerResourceStart", root, function ( ... ) obj:constructor ( ... ) end ) Now, if you want to get rid of this messy code, you can use sbx320's class library which addresses class emulation, applying classes to elements, among others. It also provides a bind function which basically allows you to prepend arguments to a function call, so instead of the code above, you would just write this: addEventHandler ( "onPlayerResourceStart", root, bind ( obj.constructor, obj ) ) It's worth mentioning that this library does not work with MTA 1.4 OOP enabled, so you would have to use the 1.4 version, which is only available here, but according to sbx320, there are some minor issues with it, although I didn't come across any while I used it.

The client file cache is now shared across MTA versions. If you have more than one version of MTA installed, that might be it. https://code.google.com/p/mtasa-blue/so ... ail?r=6466

I'm assuming Wei manually formatted that string, which is why I mentioned toJSON; getting the data back in a Lua table is then as easy as calling fromJSON.

local json_t = toJSON ( { 123, 456 } ) -- [ { "1": 123, "2": 456 } ] local t = fromJSON ( json_t ) -- { 123, 456 }

Yes. The_GTA has been pushing commits to his repository on Assembla.

local soundElements = {} local _playSound = playSound function playSound ( ... ) local sound = _playSound ( ... ) if sound then table.insert ( soundElements, sound ) end return sound end loadstring ( codeThatCallsplaySound ) () Or in a sandbox: local soundElements = {} local env = deepcopy ( _G ) function env.playSound ( ... ) local sound = playSound ( ... ) if sound then table.insert ( soundElements, sound ) end return sound end local func = loadstring ( codeThatCallsplaySound ) setfenv ( func, env ) func () The implementation of deepcopy can be found here.

It most likely requires access to addAccount. If it's such a big deal, Bonsai could use the aclrequest tag in the meta file to request access only to specific rights (function.addAccount, in this case) like this: <aclrequest> <right name="function.addAccount" access="true" /> </aclrequest> I also saw that the resource 'CSS' calls stopResource if the author in the meta file isn't "Bonsai", which also requires special privileges.

I looked into that file and there's no backdoor. You can safely run it.

There is also a list of (undocumented) client classes, but it is unfinished and outdated: https://wiki.multitheftauto.com/wiki/Client_Scripting_Classes Feel free to update it if you want: https://gist.github.com/ixjf/7074664

What I showed only uses one table per player. Your code doesn't work because you're setting myTable[ client ][ weaponSlot ] to a table whose first index is the element, then you check if myTable[ client ][ weaponSlot ] is an element, which it isn't. You should rather set the value of myTable[ client ][ weaponSlot ] to the element or check if the index 1 in the table myTable[ client ][ weaponSlot ] is an element. local myTable = {} myTable[ client ] = {} myTable[ client ][ weaponSlot ] = element

local myTable = {} myTable[ client ] = {} myTable[ client ][1] = weaponSlot1Data myTable[ client ][2] = weaponSlot2Data ... where 1 and 2 are the weapon slot IDs. Is this what you wanted?

Overcomplicating simple stuff. myTable[ thePlayer ][1] -- "Hello" myTable[ thePlayer ][2] -- "World"

I was talking about this earlier and sbx320 checked it out. It has no backdoors.

DON'T concatenate the values directly with the query string. That's a huge flaw and can easily be exploited. Use ? instead and pass the actual value as an argument. As for your issue, replace ipairs with pairs in line 18. And for optimal performance, replace pairs with ipairs in line 16 since it's an array.

Alternatively, you can use string.gmatch: local str = "Hello, world" for c in str:gmatch ( "." ) do outputChatBox ( c ) end

You can only load pages that are in the global whitelist or if the client allows it. To request permission to load a web page, call the requestBrowserPages function with a table whose values are the web page URLs you want to load.